Australian insurance company Medibank has made a public statement after being contacted by a malicious party claiming to have customer data and wanting a ransom for its deletion.
The initial cyber security incident occurred on October 13, when Medibank detected some “unusual activity” on its internal systems. After dealing with the cyber-attack, Medibank said in a statement about the October 13 breach that there was “no evidence that customer data has been accessed” during the breach.
Medibank was then contacted on October 17 by the malicious party, who aimed to “negotiate with the company regarding their alleged removal of customer data”. Medibank has not confirmed what data the supposed hackers claim to have, only saying that as an insurance and healthcare company, it possesses “a range of necessary personal information of customers”. The insurer said it is working to verify these claims, and based on its “ongoing forensic investigation” it is treating the potential cyber security incident “seriously”.
According to The Sydney Morning Herald, who claim to have seen the ransom note, the malicious party are threatening to sell 200GB worth of confidential data if their demands are not met. The group threatened to release the data of Medibank’s “1k most [prominent] media persons” which includes “[those with the] most [social media] followers, politicians, actors, bloggers, LGBT activists [and] drug addicted people” as well as people with “very interesting diagnoses”.
As a result of the attempted ransom and to ensure it meets its continuous disclosure obligations, Medibank has called a trading halt which will continue until further notice. The company has also employed the help of “specialist cyber security firms” and has alerted the Australian Cyber Security Center (ACSC).
Medibank CEO David Koczkar said of the potential data breach: “I apologize and understand this latest distressing update will concern our customers. We have always said that we will prioritize responding to this matter as transparently as possible. Our team has been working around the clock since we first discovered the unusual activity on our systems, and we will not stop doing that now. We will continue to take decisive action to protect Medibank customers, our people and other stakeholders.”
Medibank noted that as its internal systems had not been encrypted by ransomware, normal operations can continue, although they may be affected by the ongoing investigation into the hacking claims.
Reach Cyber Security professionals through cost-effective marketing opportunities to deliver your message, position yourself as a thought leader, and introduce new products, techniques and strategies to the market.
Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.
Cyber Security Hub, a division of IQPC
Careers With IQPC| Contact Us | About Us | Cookie Policy
Become a Member today!
Already an IQPC Community Member?
Sign in Here or Forgot Password
Sign up now and get FREE access to our extensive library of reports, infographics, whitepapers, webinars and online events from the world’s foremost thought leaders.
We respect your privacy, by clicking ‘Subscribe’ you will receive our e-newsletter, including information on Podcasts, Webinars, event discounts, online learning opportunities and agree to our User Agreement. You have the right to object. For further information on how we process and monitor your personal data click here. You can unsubscribe at any time.
Leave a Reply